White-box computing security patterns and software security modeling

In black-box security, the software is assumed to run in a trusted environment. In the context of white-box attacks, the environment is assumed to be distrusted and the users of the software, which are installed in a device, have unlimited time and resources to break into the software and has access to binary code being run on the memory of the device. The main objectives of the research project are to extract the white-box security patterns developed in Cloakware organization and initiate developing possible models of white-box security based on these patterns, and relate them with each other. The extracted patterns would provide a knowledge base within the Cloakware organization for various teams such as marketing, design, and implementation. Moreover, the visually modeled patterns can be used as a means of communication with the customers. The models potentially facilitate training and introduction to the Cloakware’s solutions and services as well.

Faculty Supervisor:

Dr. Eric Yu

Student:

Golnaz Elahi

Partner:

Irdeto Canada

Discipline:

Computer science

Sector:

Information and communications technologies

University:

University of Toronto